anon-access = none password-db = passwd authz-db = authz I'm using svn (svnserve.exe). There is a mistake in the previous post: 'test_user' is without the '_' character. So the only user in passwd is 'testuser'. Every user different from 'testuser' does not get authentication, while 'TESTUSER' gets authentication, but he's not authorized to commit. (while 'testuser' is). It seems that 'TESTUSER' and 'testuser' are the same from the authentication point of view, while they are different from the authorization point of view. Instead, I would expect for 'TESTUSER' to not be authenticated. Am I right or am I missing something? Thanks.
On Fri, Oct 8, 2010 at 4:51 PM, Bob Archer <bob.arc...@amsi.com> wrote: > > Hi all. I have a problem with SVN. I have the (only) user > > 'test_user' (in the 'passwd' file) having 'rw' on the entire > > repository. Why am I able to get *authenticated* with the user > > 'TESTUSER' (but not *authorized* to commit)? Note that only > > authenticated user can access and read from my repository, so > > 'TESTUSER' should not be authenticated, as it happens for all the > > users not appearing in the passwd file, for example the 'BlaBlaBla' > > user. > > Thanks > > You probably have anon access allowed. Are you using svn or apache/http? > Perhaps showing us your config file would help. I think authorization is > only applied to authenticated users. > > BOb > >
